The South Korean government announced on Thursday that its state-operated employment platform was hit by a cyberattack, exposing 230,000 users’ private data.
In a press release, the Korea Employment Information Service (KEIS) stated that they discovered 236,572 cases of unauthorized access in the national employment platform, Work-Net. The break in was conducted by 28 different foreign IP addresses.
KEIS assumed that the hackers used credential stuffing, a method where criminals try to gain access to an account by applying information that has already been breached. The agency explained to The Readable that they came to the assumption, as its security team did not detect any abnormal intrusions in the company’s network.
The South Korean government is sending notifications to users who allegedly had their information exposed from the data breach, requesting that they change their passwords. The disclosed data included names, genders, dates of births, addresses, phone numbers, work experiences, and identification pictures. KEIS is also planning to strengthen its security procedures, such as adopting two factor authentication, requesting that users enter an auto-generated code to sign in to add a second layer of protection.
“The hackers tried to gain access to Worknet 5 million times. They have successfully signed in to 380,000 accounts,” said an official of KEIS to The Readable. “After excluding repeated accesses, we discovered that 230,000 accounts were impacted by the attackers.”
